Many computer systems permit access only to authorized users. This is generally accomplished by requiring those seeking to use the system to prove that they are authorized to do so. Proof of authorization can take many forms. Often, the user must provide a name or initials and a password or Personal Identification Number (PIN) before being permitted to use the system. Other systems require the user to insert a magnetic card or similar "key" into a reader which verifies that the cardholder is authorized to use the system. Still others evaluate some biometric characteristic of the user, such as the user's voice print.
All such access control systems, however, suffer from several drawbacks. The most important is that they merely restrict initial access to the computer system. Once a user has gained access, continued use of the system is possible by someone else when the authorized user leaves the computer system unattended. This decreases the security of the system for several reasons. If the user leaves the computer unattended, an unauthorized user may gain access to sensitive data stored in the computer system. Moreover, the unauthorized user might also be in a position to modify or even erase data stored in the computer system.
To avoid this possibility, wary authorized users may choose to exit the system even when stepping away from the computer for only a short time. This, too, has a drawback: the authorized user must reenter the computer system when he returns, a process which may take several minutes. Furthermore, this tactic does not permit continued running of application programs such as spreadsheets while the user is away. As a result, users may end up "standing guard" at their computers when running sensitive spreadsheets and other programs.
Second, presently available access control systems do not offer convenient hands-off or passive operation, since they require the active participation of the user before entry is granted. Therefore, in addition to the inconvenience of remembering a password or of carrying a magnetic card, users suffer the additional inconvenience of typing the password into a keyboard or swiping the magnetic card, before access is granted.
Furthermore, security systems that use passwords or cards can be compromised since a password can be discovered by an intruder and cards can be stolen.
A need therefore exists in the art for a security system without the above drawbacks. In particular, there is a need for a convenient passive security system which continuously monitors the identity of an authorized user and prevents access to a computer system without shutting the computer system down when it is determined that the authorized user has left the computer unattended.
In addition, the need for a continuous monitoring system exists not only with respect to virtual environments such as a computer system, but more generally extends to other restricted environments, including physical environments such as bank vaults.